Recent ransomware campaign

I’ve been trying to come up with an interesting way to tie this weekend’s worldwide ransomware attack into fiction, but I’m coming up short. Maybe it’s just too depressing. It just seems like a bunch of uninspired jackasses trying to steal money.

This malware is a bit more sophisticated than most, in that in comes in on email, a user clicks it and runs it (thinking it’s a link to a cat video or some damn thing), and then it spreads via file-sharing protocols to all the PCs on the local network, laughing at perimeter firewalls as it encrypts everyone’s files. For you sportsball fans, this is like the quarterback doing a fake to get the golden snitch past the goalie before the shortstop even hears the starter pistol. That’s called a slam dunk, friends.

The story has a couple of interesting points. It seems there was an ill-conceived but convenient kill switch. And it looks like this was a known vulnerability hoarded by the US government, so thanks for that, guys.

British hospitals seem to have been hit particularly hard, so much so that some have had to turn away patients. Pretend you’re a hospital that years ago purchased an expensive MRI machine operated by software that only runs on Windows XP. The company that sold the device and the software has long since gone out of business, so there’s no way to migrate to a supported operating system. People still need MRIs, so it’s not like you can just not use the thing. That kind of thing is likely why Microsoft released a patch for some of the legacy versions of Windows, so that was right neighborly of them.

This is a good reminder to run updates on your computers. All of them.